The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.

WhatsApp Web malware spreads banking trojan automatically

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...
SecurityWeek

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...
Cybernews

KongTuke’s CrashFix campaign uses fake Chrome adblocker to deploy ModeloRAT

A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome ...
GitHub

MCP Desktop Host (Experimental Reference)

A modular desktop application that hosts Model Context Protocol (MCP) servers inside a local environment. Built with Tauri (Rust + React) for the frontend and Python for the AI orchestration layer.
CNX Software

Raspberry Pi AI HAT+ 2 review – A 40 TOPS AI accelerator tested with Computer Vision, LLM, and VLM workloads

Raspberry Pi sent me a sample of their AI HAT+ 2 generative AI accelerator based on Hailo-10H for review. The 40 TOPS AI ...
GitHub

CSD Pipeline Pilot Component Collection

This component collection for Pipeline Pilot allows protocols to integrate functionality from the Cambridge Structural Database (CSD) Python API. This includes capabilities for CSD searching, model ...